REMARKS 

This application has been carefully reviewed in light of the Office Action 
dated October 31, 2007. Claims 8, 10, 18, 20, 22 and 38 to 46 remain pending in the 
application, of which Claims 8, 18 and 22 are independent. Reconsideration and further 
examination are respectfully requested. 

Claims 8, 18, 22, 38, 39, 41, 42, 44 and 45 were rejected under 35 U.S.C. § 
103(a) over U.S. Patent No. 6,219,706 (Fan) in view of U.S. Patent No. 6,195,366 
(Kayashima), Claims 10 and 20 were rejected under § 103(a) over Fan in view of 
Kayashima and further in view of U.S. Patent No. 5,646,872 (Yonenaga), and Claims 40, 
43 and 46 were rejected under § 103(a) over Fan in view of Kayashima and further in view 
of Official Notice. Reconsideration and withdrawal of the rejections are respectfully 
requested. 

The invention controls the execution of processes in a data processing 
apparatus. In the invention, the data processing apparatus maintains a connection 
limitation table of connection limitation information in which discrimination information 
of a computer and a port number are associated with each other. When a request that 
includes a kind of data process to be executed is received from an external apparatus, a 
port number of a dynamically allocated port for the requested kind of data process is 
notified to the external apparatus. Discrimination information of the external apparatus 
transmitting the request and the notified port number are associated with each other, 
connection limitation information is formed and registered in the table. Then, when data 
addressed to the allocated port is received from an external apparatus, control over 
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execution of the process is provided. Specifically, in a case where it is discrimination that 
the connection limitation information is registered, a process corresponding to the 
allocated port is executed based on the received data. On the other hand, in a case where it 
is discriminated that the connection limitation information has not been registered, the 
process corresponding to the allocated port is not executed based on the received data, 
even though the data processing apparatus has been permitted to communicate with the 
external apparatus which transmitted the data. 

Referring specifically to the claims, amended independent Claim 8 is 
directed to a data processing apparatus which communicates with a computer via a 
network, the data processing apparatus comprising a storage unit that stores therein a 
connection limitation table including connection limitation information in which 
discrimination information of a computer and a port number are associated with each 
other, a reception unit that receives a request transmitted from an external apparatus via the 
network, wherein the request includes a kind of data process to be executed, a port number 
notifying unit that notifies the external apparatus of a port number of a dynamically 
allocated port for the kind of data process included in the request received by the reception 
unit, a registration unit that associates discrimination information of the external apparatus 
which transmitted the request and the port number which was notified by the port number 
notifying unit with each other, forms connection limitation information, and registers the 
formed connection limitation information in the connection limitation table stored by the 
storage unit, a data receiving unit that receives data addressed to the allocated port, from 
an external apparatus, and a control unit that discriminates whether or not the connection 
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limitation information in which the port number corresponding to the allocated port of the 
data received by the data receiving unit and the discrimination information of the external 
apparatus which transmitted the data received by the data receiving unit are associated 
with each other has been registered in the connection limitation table by the registration 
unit, wherein the control unit controls to execute a process corresponding to the allocated 
port based on the data received by the data receiving unit in a case where it is 
discriminated that the connection limitation information has been registered in the 
connection limitation table, and controls not to execute the process corresponding to the 
allocated port based on the data received by the data receiving unit in a case where it is 
discriminated that the connection limitation information has not been registered in the 
connection limitation table, even though the data processing apparatus has been permitted 
to communicate with the external apparatus which transmitted the data received by the 
data receiving unit. 

Claims 18 and 22 are method and computer medium claims, respectively, 
that substantially correspond to Claim 8. 

The applied art, alone or in any permissible combination, is not seen to 
disclose or to suggest the features of Claims 8, 18 and 22, and in particular, is not seen to 
disclose or to suggest at least the features of a control unit/step that discriminates whether 
or not connection limitation information in which a port number corresponding to a 
dynamically allocated port of data received by a data receiving unit/step and 
discrimination information of an external apparatus which transmitted the data received by 
the data receiving unit/step are associated with each other has been registered in a 
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connection limitation table by a registration unit/step, wherein the control unit/step 
controls to execute a process corresponding to the allocated port based on the data received 
by the data receiving unit/step in a case where it is discriminated that the connection 
limitation information has been registered in the connection limitation table, and controls 
not to execute the process corresponding to the allocated port based on the data received 
by the data receiving unit/step in a case where it is discriminated that the connection 
limitation information has not been registered in the connection limitation table, even 
though the data processing apparatus has been permitted to communicate with the external 
apparatus which transmitted the data received by said data receiving unit/step. 

In Fan, a firewall controls an ACL (access control list) to change over 
transfer/non-transfer of a packet sent from a node of an external network to a host PC on a 
LAN. If a packet to be sent from the host PC to the node on the external network is 
received, the ACL is dynamically changed so that a response of the node to the received 
packet can be transferred to the host PC. For example, if a packet to a node A on the 
external network is received from the host PC, it is necessary to be able to transfer a 
response packet from the node A to the host PC. Accordingly, information concerning the 
node A is added to the ACL so that the host PC can be temporarily accessed from the node 
A. 

Kayashima discloses that a server notifies a client computer of a port 
number. Accordingly, a combination of Fan and Kayashima would, at best, have resulted 
in the following operation. If the firewall receives the packet to the node A on the external 
network from the host PC, the firewall adds the node A to the ACL and also notifies the 
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node A of the corresponding port number. After then, if the firewall receives the packet 
sent from the node A to the relevant port (number), the firewall processes the received 
packet according to the new ACL. However, in a case where the firewall receives a packet 
sent to the relevant port from another node B, if the node B has already been registered in 
the ACL (namely, if the node B is a communicable node), the firewall processes the 
received packet. At that time, if the node A sends the packet to the relevant port, the node 
A cannot communicate because the relevant port has already been used by the node B. 
The reason why such inconvenience occurs is that: (i) the firewall does not associate (and 
register therein) the dynamically allocated port with the node A, (ii) the firewall is not 
controlled so that, even if the node which accessed the port is the communicable node, it 
does not execute any process if the relevant node is not associated with the port; and (iii) 
since the firewall does not dynamically allocate the port, there is a high possibility that the 
port number is involuntarily known by the node B. Accordingly, the proposed 
combination of Fan and Kayashima would not have resulted in the features of the present 
invention. 

Yonenaga has been studied, but it is also not seen to disclose anything that, 
when combined with Fan and/or Kayashima, would have resulted in the features of the 
invention. 

In view of the foregoing amendments and remarks, independent Claims 8, 
18 and 22, as well as the claims dependent therefrom, are believed to be allowable. 
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No other matters having been raised, the entire application is believed to be 
in condition for allowance and such action is respectfully requested at the Examiner's 
earliest convenience. 

Applicant's undersigned attorney may be reached in our Costa Mesa, 
California office at (714) 540-8700. All correspondence should continue to be directed to 
our below-listed address. 

Respectfully submitted, 
/Edward Kmett/ 

Attorney for Applicant 
Edward A. Kmett 
Registration No.: 42,746 

FITZPATRICK, CELLA, HARPER & SCINTO 
30 Rockefeller Plaza 
New York, New York 101 12-3800 
Facsimile: (212) 218-2200 
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